Hi,
I am Milind Purswani and I currently work as a Security Engineer in the pro-active security team at Amazon Lab126. I excel at identifying deep security issues within an ecosystem and have discovered several CVEs to my name, such as CVE-2021-22193 and CVE-2023-29066. The former allowed anyone in Gitlab to validate the existence of a private project, while the latter involved an issue within FACSChorus that allowed non-administrative users to perform unauthorized privileged operations on a medical device.
Over the years, I have developed several interesting tools for the community, which you can find on my Github profile. For instance, Whoxyrm lets you perform a reverse whois request to help you map attack surface for a target, while Syborg is a recursive subdomain enumerator that enables you to find deeper hidden subdomains using the Depth First Search (DFS) Algorithm. Both of these tools are very popular within the Security Community.
I am passionate about hacking and learning new things, as well as designing and integrating them into my daily life. On my blog, pandaonair.com, I share my personal opinions on security and talk about my thoughts. I find inspiration in people who develop innovative solutions to bring small, subtle changes to their lives.
My ultimate goal is to make the internet a safer place for everyone. Since technology is evolving rapidly, it is crucial to keep up with the latest trends in development. At Amazon, I tackle some of the most interesting challenges on the planet, ranging from small devices like Amazon FireTV and Kindle notebooks to securing Satellites.